{"vuid":"VU#567963","idnumber":"567963","name":"HP Tru64 UNIX \"imapd\" contains buffer overflow (SSRT2275)","keywords":["Compaq","Tru64","imapd","buffer overflow","long string of characters","$NLSPATH","environment variable"],"overview":"The HP Tru64 UNIX implementation of \"imapd\" contains a locally exploitable buffer overflow.","clean_desc":"\"imapd\" is the IMAP daemon. A locally exploitable buffer overflow in \"imapd\" may permit a local attacker to gain elevated privileges and execute arbitrary code on a vulnerable host.","impact":"A local user may be able to gain elevated privileges and execute arbitrary code.","resolution":"Apply a patch.","workarounds":"","sysaffected":"","thanks":"Thanks to KF for reporting this vulnerability.","author":"This document was written by Ian A Finlay.","public":["h","t","t","p",":","/","/","w","w","s","s","1","p","r","o",".","c","o","m","p","a","q",".","c","o","m","/","s","u","p","p","o","r","t","/","r","e","f","e","r","e","n","c","e","_","l","i","b","r","a","r","y","/","v","i","e","w","d","o","c","u","m","e","n","t",".","a","s","p","?","s","o","u","r","c","e","=","S","R","B","0","0","3","9","W",".","x","m","l","&","d","t","=","1","1"],"cveids":[""],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2002-07-11T19:47:09Z","publicdate":"2002-08-30T00:00:00Z","datefirstpublished":"2002-09-10T19:03:54Z","dateupdated":"2002-09-10T19:04:02Z","revision":7,"vrda_d1_directreport":"","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"15","cam_exploitation":"0","cam_internetinfrastructure":"5","cam_population":"5","cam_impact":"20","cam_easeofexploitation":"20","cam_attackeraccessrequired":"10","cam_scorecurrent":"7.5","cam_scorecurrentwidelyknown":"9.375","cam_scorecurrentwidelyknownexploited":"16.875","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":7.5,"vulnote":null}